Email giants Google, Microsoft and Yahoo along with other players such as eBay's PayPal, AOL and Bank of America have formed a technical working group aimed at curbing phishing attacks.
Phishing, which refers to bogus email designed to coerce victims to fork over data, is a scourge along with spam. The working group, DMARC.org, has 15 members and aims to beef up email authentication. DMARC stands for Domain-based Message Authentication, Reporting & Conformance.
In a statement, Brett McDowell, chair of DMARC.org and senior manager of customer security initiatives at PayPal said that industry cooperation is needed to thwart phishing.
After 18 months of work, DMARC is pitching a system that allows email senders to include authentication technologies. In this system, email providers can get reports that highlight gaps in authentication schemes.
Here's how the system would work:
DMARC said it will submit its spec to international standards groups. Companies in DMARC include Agari, American Greetings, AOL, Bank of America, Cloudmark, Facebook, Fidelity, Google, LinkedIn, Microsoft, PayPal, ReturnPath, Yahoo and Trusted Domain Project.